Authorize requests
Your application needs to identify itself every time it sends a request to
the Cloud SQL Admin API, by including an API key with each
request.
Acquiring and using an API key
To acquire an API key:
- Open the Credentials page in the Trusted Cloud console.
-
This API supports two types of credentials.
Create whichever credentials are appropriate for your project:
-
OAuth 2.0: Whenever your application requests private user
data, it must send an OAuth 2.0 token along with the request. Your
application first sends a client ID and, possibly, a client secret to
obtain a token. You can generate OAuth 2.0 credentials for web
applications, service accounts, or installed applications.
Note: Since this API doesn't have any methods
that require OAuth 2.0 authorization, you might only need to obtain
API keys, which are described
below. However, if your application calls other APIs that require user
authorization, then you still need OAuth 2.0 credentials.
For more information, see the OAuth 2.0 documentation.
-
API keys:
A request that does not provide an OAuth 2.0 token must send an API
key.
The key identifies your project and provides API access, quota, and
reports.
The API supports several types of restrictions on API keys. If the API key that you
need doesn't already exist, then create an API key in the Console by
clicking Create credentials
> API key. You can restrict the key before using it
in production by clicking Restrict key and selecting one of the
Restrictions.
To keep your API keys secure, follow the best practices for
securely using API keys.
After you have an API key, your application can append the query parameter
key=yourAPIKey to all request URLs.
The API key is safe for embedding in URLs; it doesn't need any encoding.
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-08-28 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-08-28 UTC."],[],[],null,["# Authorize requests\n\nYour application needs to identify itself every time it sends a request to\nthe Cloud SQL Admin API, by including an [API key](//cloud.google.com/docs/authentication/api-keys) with each\nrequest.\n\nAcquiring and using an API key\n------------------------------\n\nTo acquire an API key:\n\n1. Open the [Credentials page](https://console.cloud.google.com/apis/credentials) in the Google Cloud console.\n2. This API supports two types of credentials. Create whichever credentials are appropriate for your project:\n - **OAuth 2.0:** Whenever your application requests private user\n data, it must send an OAuth 2.0 token along with the request. Your\n application first sends a client ID and, possibly, a client secret to\n obtain a token. You can generate OAuth 2.0 credentials for web\n applications, service accounts, or installed applications.\n\n **Note:** Since this API doesn't have any methods\n that require OAuth 2.0 authorization, you might only need to obtain\n [API keys](#console_public_api_keys), which are described\n below. However, if your application calls other APIs that require user\n authorization, then you still need OAuth 2.0 credentials.\n\n For more information, see the [OAuth 2.0 documentation](https://developers.google.com/identity/protocols/OAuth2).\n - **API keys:**\n\n A request that does not provide an OAuth 2.0 token must send an API\n key.\n\n The key identifies your project and provides API access, quota, and\n reports.\n\n The API supports several types of restrictions on API keys. If the API key that you\n need doesn't already exist, then create an API key in the Console by\n clicking **[Create credentials](https://console.cloud.google.com/apis/credentials) \\\u003e API key** . You can restrict the key before using it\n in production by clicking **Restrict key** and selecting one of the\n **Restrictions**.\n\nTo keep your API keys secure, follow the [best practices for\nsecurely using API keys](//cloud.google.com/docs/authentication/api-keys).\n\nAfter you have an API key, your application can append the query parameter\n`key=`\u003cvar translate=\"no\"\u003eyourAPIKey\u003c/var\u003e to all request URLs.\n\nThe API key is safe for embedding in URLs; it doesn't need any encoding."]]
